CS 4235 - Summer 2007
Introduction to Information Security
Home | Syllabus | Schedule | Homework | Critiques | Project | Groups | Links
Homework 1
Dates
- Homework assigned: May 24, 2007
- Homework due: May 31, 2007
Assignment
Questions 1 and 2 are short answer questions. Answer these with a couple of sentences. Questions 3 and 4 are long answer questions. Answer these with 2-3 paragraphs. All answers must be typed and printed. The hard copy with your answers must be turned in at the start of class on the due date.
Be sure to put your name and GTID on the top of every page of your assignment. Multiple pages should be stapled together.
This homework assignment must be done individually, it is not a group work assignment.
(1) Who has the easier job when it comes to computer security, the attackers or the defenders? Why?
(2) What are the five processes needed to build a consistent and reasonable information security system? List the processes and give a brief description of each.
(3) Senior computer security researchers frequently mention that many of the security problems that plague today's computer systems were solved 20-30 years ago. Do you agree with this opinion? If so, explain why current systems suffer from these solved security problems. If not, explain why these researchers are wrong.
(4) Imagine that you have decided to setup a computer in your home to act as a web server for a project that you are working on. Since you only have one internet connection, this computer is on the same network as the other computers in your house. One of these other computers is used for banking and other sensitive record keeping. [part a] What steps should you take to ensure the security of this setup? Justify your answers. [part b] Now pretend that you are an attacker looking to steal the bank account information from this home network. How would you attack this system? Justify your answers. [part c] Conclude by explaining how you know when you have sufficient protections in place to secure this network.